MidnightBSD

Advisories for van-ons

CVE-2018-19207 HIGH

The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-425,

Products Affected

Vendor Product Version
van-ons wp-gdpr-compliance *